Top Tools for Automating SBOMs

We’ve talked a lot about why software bills of materials (SBOMs) are important and how they communicate the value of your organization, so we won’t continue those lectures here. We’re all good on the why so today we’ll talk about the how – the best (and free!) tools to help you create SBOMs automatically. Creating an SBOM manually is arduous and error-prone so why not avoid it altogether?

Top tips: Cyberattacks to prepare for in 2024

Top tips is a weekly column where we highlight what’s trending in the tech world today and list ways to explore these trends. This week, we’ll look at three types of cyberattacks that are predicted to be prevalent in 2024. If there’s one thing we can be certain of, it’s that we will never ever be safe from cyberthreats. That is why we need to prepare ourselves for the onslaught of cybercrime that is about to hit us this new year.

Back to the Basics: Security Must-Haves for 2024, Part I

Welcome to 2024! A new year brings new change, so why not start 2024 with a rapid IT and security hygiene check? Read through the following list, keep a tally, and score your organization out of 10 on these mandatory items. If you don’t know the answer, it’s worth following up to find out.

Evolving ML Model Versioning

TL;DR: JFrog’s ML Model Management capabilities, which help bridge the gap between AI/ML model development and DevSecOps, are now Generally Available and come with a new approach to versioning models that benefit Data Scientists and DevOps Engineers alike. Model versioning can be a frustrating process with many considerations when taking models from Data Science to Production.

CRQ Journey Part 3: Communicable, Calibrated, Granular Results

My journey to finding Kovrr had been packed with headaches and puzzles that many CISOs still face today. Within a few short years of being the CISO at Avid, a content-creation software provider, I managed to implement tighter security controls and develop a framework that enabled objective progress measurement. However, I constantly faced an impasse when attempting to communicate these achievements with the board.

(Response) Splitting Up Reverse Proxies To Reach Internal Only Paths

When I’m carrying out security research into a thing, I generally don’t like to Google prior research right away. I know, this completely goes against how you would (and should!) carry out any research; starting with a literature review to find the lay of the land and existing research done in the area to then expand upon. However, I have a habit of getting that light bulb idea or concept and acting upon it right away, rolling up my sleeves and putting my wellies on, ready to get dirty.

Clearing the Fog of War - A critical analysis of recent energy sector cyberattacks in Denmark and Ukraine

The “fog of war” is a military term used to denote the uncertainty and confusion experienced on the battlefield. During periods of growing geopolitical conflict, it becomes increasingly hard to keep pace with new developments.